CVE-2017-8849
HIGH
smb4k < 2.0.1 - Privilege Escalation via Mount Helper DBUS Service
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2017-8849. PoCs published by Stealth.
AI-analyzed exploit summary: This exploit leverages a D-Bus authentication bypass in smb4k's mount helper to execute arbitrary commands as root. It crafts a malicious D-Bus message to inject a command into the mount process, leading to privilege escalation.
Description
smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.
Exploits (1)
exploitdb
WORKING POC
by Stealth · c · local · linux
https://www.exploit-db.com/exploits/42053
Classification
Working PoC 95%
Attack Type
LPE
Complexity
Moderate
Reliability
Reliable
Target:
smb4k (KDE SMB/CIFS share browser) < 2.0.0
No auth needed
Prerequisites:
smb4k installed · D-Bus access · mount helper service running
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
References (10)
Core References
Patch, Third Party Advisory x_refsource_confirm
https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000e
Exploit, Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/42053/
Issue Tracking, Patch, Third Party Advisory, VDB Entry x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1449656
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2017/dsa-3951
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201705-14
Third Party Advisory x_refsource_confirm
https://www.kde.org/info/security/advisory-20170510-2.txt
Patch, Third Party Advisory x_refsource_confirm
https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83cce
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/98690
Exploit, Mailing List, Patch, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2017/05/10/3
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/98737
Scores
CVSS v3
7.8
EPSS
0.0013
EPSS Percentile
32.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (2)
debian/debian_linux
8.0
smb4k_project/smb4k
< 2.0.0
Published
May 17, 2017
Tracked Since
Feb 18, 2026